<?php
	
	
	$strs = isset($_SESSION['strs'])?$_SESSION['strs']:1;
	

	if($_POST){
		
		//判断账号密码是否为空
		if($_POST['verify'] == ''){
			echo "<script>alert('验证码不可为空');window.location.href='index.php?m=admin&c=manage'</script>";die;
		}
		if($_POST['username'] == ''|| $_POST['password'] == ''){
			echo "<script>alert('账号密码不可为空');window.location.href='index.php?m=admin&c=manage'</script>";die;
		}
		
		
		//连接数据库
		$con = connect('localhost','root','',"login");
		
		//获取数据
		$username = trim($_POST['username'],'');
		$password = trim($_POST['password'],'');
		$verify = md5(strtolower(trim($_POST['verify'],'')));

//		var_dump($username,$password);die;
		$pass = crypt($password,md5($password));
		//dbselect($con,$table,$field='*',$where=null,$order=null,$limit=null)
		$sql = "select * from yonghu where username = '{$username}' and password = '{$pass}'";
//		var_dump($sql);die;
		$query = mysqli_query($con,$sql);
		     
		$num = $query->num_rows;

		$data = mysqli_fetch_assoc($query);

		$status = $data['status'];



		if($verify!=$strs){
			echo "<script>alert('验证码错误');window.location.href='index.php?m=admin&c=manage'</script>";die;
		}






		//判断账号密码是否存在
		if($num!=0){
				if($status!=1){
				echo "<script>alert('账号被冻结');window.location.href='index.php?m=admin&c=manage'</script>";die;
				}
			
				$_SESSION['username'] = $username;

				$_SESSION['nicheng'] = $data['nicheng'];
			
			
				if(isset($_POST['checkbox'])){
					
					setcookie('uname',$username,time()+3600*24*30);
					setcookie('upwd',$password,time()+3600*24*30);
					setcookie('check',$_POST['checkbox'],time()+3600*24*30);
					
					
					
				}else{
					setcookie('uname',$username,time()-3600*24*30);
					setcookie('upwd',$password,time()-3600*24*30);
					setcookie('check',$_POST['checkbox'],time()-3600*24*30);
				}
				
				
				
				
				
					echo "<script>alert('登录成功');window.location.href='index.php?m=admin'</script>";die;
				}else{
					echo "<script>alert('账号或密码错误');window.location.href='index.php?m=admin&c=manage'</script>";die;
				}
			

		
	}
	
	


	include("application/".M."/views/".C."/".V.".html");

	
?>